echo '</div>'; if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'users_csrf')) { if (isset($_POST['delete'])) { if (isset($_POST['id'])) { if (actions::delete_sessions(array_keys($_POST['id']))) { echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } } else { if (isset($_GET['type']) && isset($_GET['token']) && check_csrf($_GET['token'], 'users_csrf')) { if ($_GET['type'] == 'delete') { if (isset($_GET['id'])) { if (actions::delete_sessions($_GET['id'])) { echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } } } $csrf = $_SESSION['users_csrf'] = \site\utils::str_random(10); echo '<div class="page-toolbar"> <form action="#" method="GET" autocomplete="off"> <input type="hidden" name="route" value="users.php" /> <input type="hidden" name="action" value="sessions" />